kubectl proxy(1) Run a proxy to the Kubernetes API server

SYNOPSIS

kubectl proxy [OPTIONS]

DESCRIPTION

To proxy all of the kubernetes api and nothing else, use:

kubectl proxy --api-prefix=/

To proxy only part of the kubernetes api and also some static files:

kubectl proxy --www=/my/files --www-prefix=/static/ --api-prefix=/api/

The above lets you 'curl localhost:8001/api/v1/pods'.

To proxy the entire kubernetes api at a different root, use:

kubectl proxy --api-prefix=/custom/

The above lets you 'curl localhost:8001/custom/api/v1/pods'

OPTIONS

--accept-hosts="^localhost$,^127\.0\.0\.1$,^\[::1\]$"
    Regular expression for hosts that the proxy should accept.

--accept-paths="^/.*"
    Regular expression for paths that the proxy should accept.

--address="127.0.0.1"
    The IP address on which to serve on.

--api-prefix="/"
    Prefix to serve the proxied API under.

--disable-filter=false
    If true, disable request filtering in the proxy. This is dangerous, and can leave you vulnerable to XSRF attacks, when used with an accessible port.

-p, --port=8001
    The port on which to run the proxy. Set to 0 to pick a random port.

--reject-methods="POST,PUT,PATCH"
    Regular expression for HTTP methods that the proxy should reject.

--reject-paths="^/api/./exec,^/api/./run,^/api/.*/attach"
    Regular expression for paths that the proxy should reject.

-u, --unix-socket=""
    Unix socket on which to run the proxy.

-w, --www=""
    Also serve static files from the given directory under the specified prefix.

-P, --www-prefix="/static/"
    Prefix to serve static files under, if static file directory is specified.

OPTIONS INHERITED FROM PARENT COMMANDS

--alsologtostderr=false
    log to standard error as well as files

--api-version=""
    DEPRECATED: The API version to use when talking to the server

--certificate-authority=""
    Path to a cert. file for the certificate authority.

--client-certificate=""
    Path to a client certificate file for TLS.

--client-key=""
    Path to a client key file for TLS.

--cluster=""
    The name of the kubeconfig cluster to use

--context=""
    The name of the kubeconfig context to use

--insecure-skip-tls-verify=false
    If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure.

--kubeconfig=""
    Path to the kubeconfig file to use for CLI requests.

--log-backtrace-at=:0
    when logging hits line file:N, emit a stack trace

--log-dir=""
    If non-empty, write log files in this directory

--log-flush-frequency=5s
    Maximum number of seconds between log flushes

--logtostderr=true
    log to standard error instead of files

--match-server-version=false
    Require server version to match client version

--namespace=""
    If present, the namespace scope for this CLI request.

--password=""
    Password for basic authentication to the API server.

-s, --server=""
    The address and port of the Kubernetes API server

--stderrthreshold=2
    logs at or above this threshold go to stderr

--token=""
    Bearer token for authentication to the API server.

--user=""
    The name of the kubeconfig user to use

--username=""
    Username for basic authentication to the API server.

-v, --v=0
    log level for V logs

--vmodule=
    comma-separated list of pattern=N settings for file-filtered logging

EXAMPLE

# Run a proxy to kubernetes apiserver on port 8011, serving static content from ./local/www/
kubectl proxy --port=8011 --www=./local/www/
# Run a proxy to kubernetes apiserver on an arbitrary local port.
# The chosen port for the server will be output to stdout.
kubectl proxy --port=0
# Run a proxy to kubernetes apiserver, changing the api prefix to k8s-api
# This makes e.g. the pods api available at localhost:8011/k8s-api/v1/pods/
kubectl proxy --api-prefix=/k8s-api

HISTORY

January 2015, Originally compiled by Eric Paris (eparis at redhat dot com) based on the kubernetes source material, but hopefully they have been automatically generated since!

SEE ALSO

LAST SEARCHED